ControlPlane at KubeCon NA '23 Chicago
By Jasmine Andine
KubeCon North American 2023 is this week, and ControlPlane is proud to both sponsor and participate in community events. Hereโs a list of our activities across the week - add us to your schedule and come and learn from our team about the latest trends and developments in Cloud Native security.
Monday 6th November
Kubernetes Contributor Summit
Join us for an exciting talk on Updating the Kubernetes Threat Model!
โDive into the world of Kubernetes security and threat modeling as we unveil the latest initiative from the community to refresh the Kubernetes threat model, making the entire process transparent and well-documented. This effort will serve as a valuable template and โhow toโ guide for all Kubernetes and CNCF projects, enabling them to enhance their threat modeling practices.โ
๐ When: November 6, 2023 - 11:45am - 12:15pm CST
๐ฃ๏ธ Speakers: Robert Ficcaglia & Francesco Beltramini
๐ Location: Regency Ballroom A/B:
EnvoyCon
Join us at this year’s co-located EnvoyCon for a riveting session threat modelling focusing on the Envoy Gateway Project!
โNavigate through the nuances of Envoy Gateway, an open source project aimed at managing Envoy Proxy as a Kubernetes-based (or standalone) application gateway. Envoy Gateway is configured by Gateway API resources (successor to Kubernetes Ingress) that are used to provision and configure managed Envoy Proxies. Our session looks to discuss a detailed Envoy Gateway Threat Model curated by ControlPlane at the behest of the Linux Foundation, and to share our findings with the open-source community.โ
๐ When: Monday 6th November - 2:40pm - 3:05pm CST
๐ฃ๏ธ Speakers: Torin van den Bulk & James Callaghan
๐ Location: W175abc
ArgoCon
Tune in Monday, November 6th for an engaging presentation exploring the ArgoCD End-User Threat Model at this years co-located ArgoCon.
๐ When: Monday 6th November 3:15 pm - 3:40 pm CST
๐ฃ๏ธ Speakers:Francesco Beltramini & James Callaghan
๐ Location: W185abc
โตExplore the intersection of declarative GitOps and security as we showcase an in-depth threat model of ArgoCD, deployed in multi-tenant mode to simulate end-user implementation. Listeners will be guided through high priority findings and attack trees that showcase potential exploits in unhardened GitOps deployments that may elude the untrained eye
Tuesday 7th November
SECURITY HUB: An Introduction to Cloud Native Capture the Flag ๐ก๏ธ
Dive into the world of Kubernetes and offensive security by participating in our thrilling Capture The Flag (CTF) challenge!
โThe Cloud Native Capture The Flag (CTF) is available to all in-person KubeCon + CloudNativeCon North America attendees. In preparation for getting started with the activity, you are invited to attend an introductory session.
This session aims to introduce how to participate in CTF competition to those who are new to them. We will share our tips and tricks for completing these challenges and work through a practice scenario together.โ
What to Expect:
- ๐คฏ Mind-bending security puzzles, that put your hacking skills to the test
- ๐ต๏ธ Let loose your inner hacker within a safe, controlled Kubernetes (k8s) cluster environment
- ๐ Learn and network with fellow hacking enthusiasts
๐ When: Tuesday 7th November - 11:55am & 15:25pm CST
๐ฃ๏ธ Hosts: Andrew Martin & Kevin Ward
๐ Location: Room W470ab
Wednesday 8th November
SECURITY HUB: Capture the Flag ๐ก๏ธ
Join us for the Ultimate Tech Showdown with our CEO Andrew Martin and Principal Consultant Kevin Ward ๐
โDelve deeper into the dark and mysterious world of Cloud Native security! Discover weaknesses in systems and exploit them to pivot inside the target infrastructure, utilize your position to hunt for flags, and hopefully learn something new along the way!
Attendees can play three increasingly treacherous and demanding scenarios to bushwhack their way through the dense jungle of Cloud Native security. Everybody is welcome, from beginner to seasoned veterans, as we venture amongst the low-hanging fruits of insecure configuration and scale the lofty peaks of cluster compromise!โ
๐ When: Wednesday 8th November - 10:45am CST
๐ฃ๏ธ Hosts: Andrew Martin & Kevin Ward
๐ Location: Room W470ab
Book Signing
Donโt miss your chance to score a signed copy of Hacking Kubernetes by our CEO Andrew Martin and Michael Hausenblas. Head over to the OโReilly Booth at 2pm sharp to grab your copy and meet the authors.
๐ Where: OโReilly Booth B13
๐ When: Wednesday 8th November 14.00 CST
Booth:
We are at booth O26 right by the Cloud Native Corner Store. Drop by, meet our awesome team, discover who we are and explore what we can do for you in the world of cloud native technology. Weโre here to share our passion for all things Kubernetes and tell you all about what we do. Plus there are plenty of awesome award winning swag waiting for you. Come say hello!
We are eager to catch up with you, share insights and explore the latest developments in Kubernetes and cloud security. If youโd like to schedule a specific meeting or have any questions, please feel free to reach out to us here.
Safe travels and we look forward to seeing you there! ๐